AMD processors
by AMD
CVEs (34)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-26349 | Med | 0.36 | 5.5 | 0.00 | May 11, 2022 | Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA). | ||
| CVE-2021-26348 | Med | 0.36 | 5.5 | 0.00 | May 11, 2022 | Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity. | ||
| CVE-2021-26339 | Med | 0.36 | 5.5 | 0.00 | May 11, 2022 | A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated… | ||
| CVE-2021-26401 | Med | 0.36 | 5.6 | 0.00 | Mar 11, 2022 | LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. | ||
| CVE-2021-26312 | Med | 0.36 | 5.5 | 0.00 | Nov 16, 2021 | Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity. | ||
| CVE-2023-20584 | Med | 0.34 | 5.3 | 0.00 | Aug 13, 2024 | IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity. | ||
| CVE-2023-20583 | Med | 0.31 | 4.7 | 0.00 | Aug 1, 2023 | A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information. | ||
| CVE-2022-27672 | Med | 0.31 | 4.7 | 0.00 | Mar 1, 2023 | When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure. | ||
| CVE-2021-26350 | Med | 0.31 | 4.7 | 0.00 | May 11, 2022 | A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a message port register which may result in a potential denial of service. | ||
| CVE-2021-26400 | Med | 0.26 | 4.0 | 0.00 | May 11, 2022 | AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage. | ||
| CVE-2024-36349 | Low | 0.25 | 3.8 | 0.00 | Jul 8, 2025 | A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage. | ||
| CVE-2024-36348 | Low | 0.25 | 3.8 | 0.00 | Jul 8, 2025 | A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage. | ||
| CVE-2021-26342 | Low | 0.21 | 3.3 | 0.00 | May 11, 2022 | In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB… | ||
| CVE-2022-23830 | Low | 0.12 | 1.9 | 0.00 | Nov 14, 2023 | SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity. |
- risk 0.36cvss 5.5epss 0.00
Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA).
- risk 0.36cvss 5.5epss 0.00
Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.
- risk 0.36cvss 5.5epss 0.00
A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated…
- risk 0.36cvss 5.6epss 0.00
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
- risk 0.36cvss 5.5epss 0.00
Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.
- risk 0.34cvss 5.3epss 0.00
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
- risk 0.31cvss 4.7epss 0.00
A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information.
- risk 0.31cvss 4.7epss 0.00
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
- risk 0.31cvss 4.7epss 0.00
A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a message port register which may result in a potential denial of service.
- risk 0.26cvss 4.0epss 0.00
AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage.
- risk 0.25cvss 3.8epss 0.00
A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.
- risk 0.25cvss 3.8epss 0.00
A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage.
- risk 0.21cvss 3.3epss 0.00
In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB…
- risk 0.12cvss 1.9epss 0.00
SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.
Page 2 of 2